package org.zuel.boot.demo.controller;

import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.zuel.boot.demo.model.DemoRole;
import org.zuel.boot.demo.service.IRoleService;

import java.util.List;

@RestController
@RequestMapping(value ="/role")
public class RoleController{
    private final IRoleService roleService;
    @Autowired
    public RoleController(IRoleService roleService){
        this.roleService=roleService;
    }
    @GetMapping(value = "/list")
    public Object list(@RequestParam(name = "spell_code", required = false) String spellCode,
                       @RequestParam(name = "name", required = false) String name,
                       @RequestParam(name = "con", required = false) String con,
                       @RequestParam(name = "page", defaultValue = "1") Integer page,
                       @RequestParam(name = "limit", defaultValue = "10") Integer limit,
                       @RequestParam(name = "sort", defaultValue = "order_num, add_time") String sort,
                       @RequestParam(name = "order", defaultValue = "asc") String order) {
        return roleService.list(spellCode, name, con, page, limit, sort, order);
    }

    @GetMapping(value = "/read/{id}")
    public Object read(@PathVariable("id") Integer id) {
        return roleService.read(id);
    }

    @PostMapping(value = "/add")
    public Object add(@RequestBody DemoRole model) {
        return roleService.add(model);
    }

    @RequiresPermissions("role:edit")//这个注解很有意思，一旦声明，在调用edit方法时，就会进入shiro轮回，在那个机器里捯饬一下，本质上是检查此时调用方法的用户是否具有这里写的权限，而检查方式toget被重写了，所以才能实现
    // @RequiresRoles("xxx")//可以具化为某一角色才有权限
    @PostMapping(value = "/edit")
    public Object edit(@RequestBody DemoRole model) {
        return roleService.edit(model);
    }

    @GetMapping(value = "/del")
    public Object del(@RequestParam(name = "ids") List<Integer> ids) {
        return roleService.del(ids);
    }
}
